Thursday, June 25, 2009

CAPPS will create two different access paths into the airport: high-security and low-security. The intent is to let only good guys take the low-security path and to force bad guys to take the high-security path, but it rarely works out that way. You have to assume that the bad guys will find a way to exploit the low-security path.

Immigration Minister Amanda Vanstone: "a lot of what we do is to make people feel better as opposed to actually achieve an outcome"

* Sky Marshal Shooting in Miami

1) any time you have an officer making split-second life and death decisions, you're going to have mistakes. 2) I'm not convinced the sky marshals' threat model matches reality.

* Sony's DRM Rootkit: The Real Story

On Oct. 31, Mark Russinovich broke the story in his blog: Sony BMG Music Entertainment distributed a copy-protection scheme with music CDs that secretly installed a rootkit on computers. This software tool is run without your knowledge or consent - if it's loaded on your computer with a CD, a hacker can gain and maintain access to your system and you wouldn't know it.

Sony offered a "fix" that didn't remove the rootkit, just the cloaking.

* CME in Practice

CME is "Common Malware Enumeration," and it's an initiative by US-CERT to give all worms, viruses, and such uniform names. The problem is that different security vendors use different names for the same thing.

* OpenDocument Format and the Commonwealth of Massachusetts

OpenDocument format (ODF) is an alternative to the Microsoft document, spreadsheet, and other file formats.

Microsoft, with its proprietary Office document format, is spreading rumors that ODF is somehow less secure.

This, from the company that allows Office documents to embed arbitrary Visual Basic programs?

But at least ODF has a clean and open XML format, which allows layered security and the ability to remove scripts as needed. This is much more difficult in the binary Microsoft formats that effectively hide embedded programs.
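The point about removing scripts can be shown directly on the package structure. This is an added example, not code from the original post or from any ODF project: it drops macro library files and document-level `office:scripts` declarations from an ODF package. The `Basic/` and `Scripts/` directory names are an assumption based on the OpenOffice/LibreOffice layout, the function names are hypothetical, and the sample package is constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

OFFICE = "urn:oasis:names:tc:opendocument:xmlns:office:1.0"
MANIFEST = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"
MACRO_DIRS = ("Basic/", "Scripts/")  # assumption: OpenOffice/LibreOffice macro layout
ET.register_namespace("office", OFFICE)
ET.register_namespace("manifest", MANIFEST)

def drop(xml_bytes, unwanted):  # remove matching elements; return (xml, count)
    root = ET.fromstring(xml_bytes)
    hits = [(p, c) for p in root.iter() for c in p if unwanted(c)]
    for parent, child in hits:
        parent.remove(child)
    return ET.tostring(root, encoding="utf-8", xml_declaration=True), len(hits)

def strip_scripts(odf_bytes):
    """Return (clean_package_bytes, findings) for an ODF package held in memory."""
    findings, out = [], io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as src, zipfile.ZipFile(out, "w") as dst:
        for info in src.infolist():
            name, data = info.filename, src.read(info)
            if name.startswith(MACRO_DIRS):  # macro library files: drop entirely
                findings.append(f"file {name}")
                continue
            if name == "META-INF/manifest.xml":  # unlist the dropped files
                data, _ = drop(data, lambda e: e.get(f"{{{MANIFEST}}}full-path", "").startswith(MACRO_DIRS))
            elif name.endswith("content.xml"):  # document-level script declarations
                data, n = drop(data, lambda e: e.tag == f"{{{OFFICE}}}scripts")
                findings += [f"office:scripts in {name}"] * n
            dst.writestr(info, data)  # reused ZipInfo keeps 'mimetype' first and uncompressed
    return out.getvalue(), findings

def build_sample():
    """Constructed sample: a minimal ODF-style package carrying a Basic macro."""
    entry = '<manifest:file-entry manifest:full-path="%s"/>'
    files = {
        "mimetype": "application/vnd.oasis.opendocument.text",
        "content.xml": f'<office:document-content xmlns:office="{OFFICE}">'
                       "<office:scripts/><office:body/></office:document-content>",
        "META-INF/manifest.xml": f'<manifest:manifest xmlns:manifest="{MANIFEST}">'
            + entry % "content.xml" + entry % "Basic/Module1.xml" + "</manifest:manifest>",
        "Basic/Module1.xml": "<module>constructed macro body</module>",
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, text in files.items():
            z.writestr(name, text)
    return buf.getvalue()
```

ElementTree rewrites namespace prefixes it has not been told about and is not hardened against hostile XML, so a production filter would use a prefix-preserving, hardened parser. Event listeners attached to individual elements inside the document body are outside what this block covers.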

* Surveillance and Oversight

September 2005, Rotterdam. The police had already identified some of the 250 suspects in a soccer riot from the previous April, but most were unidentified, though captured on video. In an effort to help, they sent text messages to 17,000 phones known to be in the vicinity of the riots, asking that anyone with information contact the police. The result was more evidence, and more arrests.

* Truckers Watching the Highways

Features I like in security systems: it's dynamic, it's distributed, it relies on trained people paying attention, and it's not focused on a specific threat.

* Twofish Cryptanalysis Rumors

Twofish isn't even remotely broken.

* Totally Secure Classical Communications?

Securing a communications link, like a phone or computer line, with a pair of resistors. By adding electronic noise, or using the natural thermal noise of the resistors.